#!/bin/bash

# 准备创建的系统用户的信息
MYUSER=yanjingtu
MYPASS=123456

# 禁用SELINUX
echo ">>>>Disable SELINUX"
setenforce 0 2> /dev/null
sed -i 's/SELINUX=enforcing/SELINUX=disable/' /etc/sysconfig/selinux
cat >> /etc/security/limits.conf << EOF

# added by $MYUSER 2017/8/15
*                soft    nofile          20480
*                hard    nofile          32768

EOF

# 禁用防火墙
echo ">>>>Disable Firewall"
# RHEL7
systemctl stop firewalld.service 2> /dev/null
systemctl disable firewalld.service 2> /dev/null
# RHEL6 and below
service iptables stop 2> /dev/null
service ip6tables stop 2> /dev/null
chkconfig off iptables 2> /dev/null
chkconfig off ip6tables 2> /dev/null

# 禁用一些无用的系统服务
#bluetooth, sendmail, smb(samba)
echo ">>>>Disable some services"
# RHEL5
service bluetooth stop 2> /dev/null
chkconfig off bluetooth 2> /dev/null
service sendmail stop 2> /dev/null
chkconfig off sendmail 2> /dev/null
service smb stop 2> /dev/null
chkconfig off smb 2> /dev/null
# RHEL7
systemctl stop smb 2> /dev/null
systemctl disable smb 2> /dev/null

# 关闭系统日志服务
echo ">>>>Disable SysLog service"
# RHEL5 and below
service syslog stop 2> /dev/null
chkconfig syslog off 2> /dev/null
# RHEL6
service rsyslog stop 2> /dev/null
chkconfig rsyslog off 2> /dev/null
# RHEL7
systemctl stop rsyslog.service 2> /dev/null
systemctl disable rsyslog.service 2> /dev/null

# 取消Ctrl+Alt+Del组合键重启服务器的功能
echo ">>>>Disable Ctrl+Alt+Del in terminal"
# RHEL5 and below
if ! [ -f /etc/inittabbak ]; then
	cp -f /etc/inittab /etc/inittabbak
	sed -i '/ctrlaltdel/d' /etc/inittab
	telinit q
fi
# RHEL6
if [ -f /etc/init/control-alt-delete.conf ]; then
	mv /etc/init/control-alt-delele.conf /etc/init/control-alt-delete.conf.bak 
fi
# RHEL7
if [ -f /usr/lib/systemd/system/ctrl-alt-del.target ]; then
	unlink /usr/lib/systemd/system/ctrl-alt-del.target
fi

# 创建系统用户
echo ">>>>Add system user: $MYUSER"
useradd $MYUSER
echo $MYPASS | passwd $MYUSER --stdin > /dev/null
chown -R $MYUSER:$MYUSER /home/$MYUSER

# 配置SSH服务
cd ssh
chmod +x setup.sh
./setup.sh
cd ..

